Inactive Dreaded McAfee Real-Time scanner shutting itself off

Status
Not open for further replies.
B

Buchu70

Posts: 8   +0
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Buchu70 (administrator) on BUCHU70-PC on 17-06-2015 22:10:16
Running from G:\Desktop Drives\_NEW FILES_
Loaded Profiles: Buchu70 (Available Profiles: Buchu70 & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) D:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) D:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) D:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() D:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(McAfee, Inc.) D:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(DisplayLink Corp.) D:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Epic Privacy Browser) C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
() C:\Program Files (x86)\DFX\DFX.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Microsoft Corporation) D:\Program Files\Windows Media Player\wmpnetwk.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [508472 2009-10-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [reminder] => C:\Program Files\TOSHIBA\TFMU\reminder.exe [657792 2009-10-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => d:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-07-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [701752 2009-07-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [DFX] => c:\Program Files (x86)\DFX\DFX.exe [1271768 2014-09-24] ()
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [719272 2015-04-02] (McAfee, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2015-05-10] (Epic Privacy Browser)
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\MountPoints2: {e5508088-3a9d-11e4-82f0-00231839d94e} - F:\iLinker.exe
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BootExecute: autocheck autochk * ᔃﷷ߾샠ү

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0&ocid=iehp
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
SearchScopes: HKLM -> DefaultScope {094AFB31-25A1-400C-AFBB-83AEB6A23027} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {094AFB31-25A1-400C-AFBB-83AEB6A23027} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> DefaultScope {1A35D513-38C5-4BB5-BC5E-E00CAEC25E5E} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {1A35D513-38C5-4BB5-BC5E-E00CAEC25E5E} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> d:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-05] (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> d:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> d:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-05] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - d:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-04-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-04-07] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.facebook.com/index.php?lh=Ac_EL2AjWLVJDZQv|https://www.google.com/ncr
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF NetworkProxy: "type", 0
FF Plugin: @mcafee.com/MSC,version=10 -> d:\PROGRA~3\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> d:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @mcafee.com/MVT -> d:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> d:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-11-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-11-21] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> d:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> d:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Buchu70\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2015-05-10] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-4005634597-1431848184-4208822118-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Buchu70\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2015-05-10] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: d:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-05-12] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Buchu70\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-05-12] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\searchplugins\bingp.xml [2014-11-09]
FF Extension: Ads Removal - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\adremoveext@adremoveext.net [2014-08-20]
FF Extension: EPUBReader - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-05-23]
FF Extension: Translate This! - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-05-23]
FF Extension: Zoom Page - C:\Users\Buchu70\AppData\Roaming\Mozilla\Firefox\Profiles\wg6va510.default\Extensions\zoompage@DW-dev.xpi [2015-05-23]
FF Extension: Hotspot Shield Helper (Please allow this installation) - d:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2015-05-23]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - d:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - d:\Program Files (x86)\McAfee\SiteAdvisor [2015-06-17]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - d:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - d:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - d:\Program Files\McAfee\MSK [2015-06-17]
FF Extension: No Name - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR Profile: C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Translate) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-11-10]
CHR Extension: (Radio) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2014-11-10]
CHR Extension: (Google Docs) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-10]
CHR Extension: (Google Drive) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-10]
CHR Extension: (World Clocks) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbpkeenmblnjdalaijgmkpmikifnegoh [2014-11-10]
CHR Extension: (Pop Block Pro - The Ultimate Popup Blocker) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhjmjkdknjeokcmgjmdpkccpmahfmiib [2014-11-18]
CHR Extension: (YouTube) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-10]
CHR Extension: (Google Search) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-10]
CHR Extension: (Polarr Photo Editor 2) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2015-02-25]
CHR Extension: (Stitcher) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcenjghnbkdmdncneijobnbgjcadnbge [2014-11-10]
CHR Extension: (TechSmith Snagit) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcnghgbgmemnlbckdipnmelbanpgneik [2014-11-10]
CHR Extension: (SiteAdvisor) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-11-19]
CHR Extension: (AdBlock) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-10]
CHR Extension: (Zillow) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh [2014-11-10]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-05-12]
CHR Extension: (Popup Blocker Pro) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kiodaajmphnkcajieajajinghpejdjai [2015-05-31]
CHR Extension: (Turn Off the Lights) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\labjanboighjienkhiabgpefblkbmemd [2014-11-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-17]
CHR Extension: (Facebook AdBlock) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa [2014-11-10]
CHR Extension: (Google Wallet) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (Adblock Pro) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-31]
CHR Extension: (Outlook.com) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-11-10]
CHR Extension: (IP4 Calculator) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pglhkpcfkalkpckfbdpngbaigmklcfmc [2014-11-10]
CHR Extension: (Gmail) - C:\Users\Buchu70\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - d:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-17]
CHR HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - d:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
R2 ClickToRunSvc; d:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DisplayLinkService; D:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10997992 2015-02-12] (DisplayLink Corp.)
S3 fussvc; D:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S2 gupdate; d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-09-17] (Google Inc.)
S3 gupdatem; d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-09-17] (Google Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 iPod Service; D:\Program Files\iPod\bin\iPodService.exe [643880 2015-04-07] (Apple Inc.)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; d:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-06-04] (McAfee, Inc.)
R2 McAPExe; d:\Program Files\McAfee\MSC\McAPExe.exe [753768 2015-04-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [207344 2015-04-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 McODS; d:\Program Files\McAfee\VirusScan\mcods.exe [612688 2015-04-09] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-04-01] (McAfee, Inc.)
R3 mfevtp; C:\windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 osppsvc; d:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [5132888 2014-03-30] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; D:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S3 Te.Service; D:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
S3 TMachInfo; D:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [57216 2011-07-11] (TOSHIBA Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2013-12-03] (ASIX Electronics Corp.)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [46312 2015-05-29] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49568 2009-08-19] (O2Micro )
S3 Tosrfcom; No ImagePath
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
S3 cpuz135; \??\C:\Users\Buchu70\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 22:09 - 2015-06-17 22:10 - 00000000 ____D C:\FRST
2015-06-17 00:55 - 2015-06-17 00:55 - 00000988 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2015-06-17 00:54 - 2015-06-17 00:54 - 00000000 ___DC d:\Program Files (x86)\McAfee.com
2015-06-17 00:54 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
2015-06-17 00:53 - 2015-06-17 00:54 - 00000000 ___DC d:\Program Files\McAfee
2015-06-17 00:53 - 2015-06-17 00:53 - 00000000 ___DC d:\Program Files\McAfee.com
2015-06-17 00:49 - 2015-06-17 20:24 - 00000000 ____D C:\ProgramData\McAfee
2015-06-17 00:49 - 2015-06-17 01:11 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-06-17 00:49 - 2015-02-17 14:36 - 00250672 _____ (McAfee, Inc.) C:\windows\system32\mfevtps.exe
2015-06-16 23:49 - 2015-06-16 23:49 - 00000000 ____D C:\Users\Buchu70\AppData\Roaming\McAfee
2015-06-16 19:07 - 2015-02-24 04:17 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-06-16 18:58 - 2015-06-17 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-16 18:53 - 2015-06-17 00:50 - 00000000 ___DC d:\Program Files\stinger
2015-06-16 18:48 - 2015-06-17 00:38 - 00000570 _____ C:\windows\wininit.ini
2015-06-12 23:08 - 2015-06-12 23:09 - 00762904 _____ C:\windows\Minidump\061215-39998-01.dmp
2015-06-12 22:54 - 2015-06-12 22:54 - 00262144 _____ C:\windows\Minidump\061215-50232-01.dmp
2015-06-11 01:05 - 2015-06-11 01:05 - 00000000 ____D C:\Users\Buchu70\AppData\Local\TempTaskUpdateDetectionEE0F6E56-ACFB-4128-A983-384DD3433EFB
2015-06-10 22:40 - 2015-06-10 22:40 - 00634176 _____ C:\windows\Minidump\061015-41277-01.dmp
2015-06-10 17:01 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-06-10 17:01 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-06-10 17:01 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-06-10 17:01 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-06-10 17:01 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-06-10 17:01 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-06-10 17:01 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-06-10 17:01 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-06-10 17:01 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-06-10 17:01 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-06-10 17:01 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-06-10 17:01 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-06-10 17:01 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-06-10 17:01 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-06-10 17:01 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-06-10 17:01 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-06-10 17:01 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-06-10 17:01 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-06-10 17:01 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-06-10 17:01 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-06-10 17:01 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-06-10 17:01 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-06-10 17:01 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-06-10 17:01 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-06-10 17:01 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-06-10 17:01 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-06-10 17:01 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-06-10 17:01 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-06-10 17:01 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-06-10 17:01 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-06-10 17:01 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:01 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:01 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-06-10 17:01 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-06-10 17:01 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-06-10 17:01 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-06-10 17:01 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-06-10 17:01 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-06-10 17:01 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-06-10 17:01 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-10 17:01 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-10 17:01 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-10 17:01 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-10 17:01 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-10 17:01 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-10 17:01 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-06-10 17:01 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-06-10 17:01 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-06-10 17:01 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-06-10 17:01 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
 
2015-06-10 17:01 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-06-10 17:01 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-06-10 17:00 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-07 21:43 - 2015-06-07 21:43 - 00000000 ____D C:\Users\Buchu70\AppData\Local\TempTaskUpdateDetection31A4368E-66A8-44EF-9338-4C6FC18EA3E8
2015-06-07 18:01 - 2015-06-07 18:01 - 00000000 ____D C:\Users\Buchu70\AppData\Local\TempTaskUpdateDetectionD29DC2D3-101A-42F6-AA6B-9859FC7A30FD
2015-06-03 01:21 - 2015-06-03 01:21 - 00000000 ____D C:\Users\Buchu70\AppData\Local\TempTaskUpdateDetectionF3B55974-021E-47B4-8957-2B6252E38A4E
2015-06-01 21:45 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-06-01 21:32 - 2015-06-01 21:32 - 00753256 _____ C:\windows\Minidump\060115-43961-01.dmp
2015-06-01 17:25 - 2015-06-17 21:21 - 00000670 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-4005634597-1431848184-4208822118-1000.job
2015-06-01 17:25 - 2015-06-13 09:52 - 00003704 _____ C:\windows\System32\Tasks\G2MUploadTask-S-1-5-21-4005634597-1431848184-4208822118-1000
2015-06-01 16:14 - 2015-06-01 16:14 - 00000000 ____D C:\Users\Buchu70\AppData\Local\GWX
2015-05-30 00:05 - 2015-05-30 00:05 - 00730696 _____ C:\windows\Minidump\053015-41543-01.dmp
2015-05-29 22:36 - 2015-05-29 22:36 - 00000000 ___DC d:\Program Files\DisplayLink Graphics
2015-05-29 22:36 - 2015-02-12 11:29 - 00437480 _____ (DisplayLink Corp.) C:\windows\system32\Drivers\dlkmd.sys
2015-05-29 22:36 - 2015-02-12 11:29 - 00018664 _____ (DisplayLink Corp.) C:\windows\system32\Drivers\dlkmdldr.sys
2015-05-29 22:34 - 2015-05-29 22:34 - 01030656 _____ (DisplayLink Corp.) C:\windows\system32\DisplayLinkUsbCo64_7.7.60366.0.dll
2015-05-29 22:34 - 2015-05-29 22:34 - 00046312 _____ () C:\windows\system32\Drivers\DisplayLinkUsbIo_x64_7.7.60366.0.sys
2015-05-29 21:06 - 2015-05-29 21:45 - 00000000 ____D C:\Users\Buchu70\AppData\Roaming\NVIDIA
2015-05-29 21:05 - 2015-05-29 21:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-29 21:01 - 2015-05-29 21:01 - 00000000 ___DC d:\Program Files (x86)\Geeks3D
2015-05-29 21:01 - 2015-05-29 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2015-05-29 20:59 - 2015-05-29 20:59 - 00000000 ___DC d:\Program Files (x86)\NVIDIA Corporation
2015-05-29 20:59 - 2015-05-29 20:59 - 00000000 ___DC d:\Program Files (x86)\AGEIA Technologies
2015-05-29 20:58 - 2015-05-29 20:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-05-29 20:58 - 2015-02-04 05:56 - 00072904 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-05-29 20:58 - 2015-02-04 05:56 - 00059592 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-05-29 20:58 - 2015-02-04 04:21 - 06782152 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2015-05-29 20:58 - 2015-02-04 04:21 - 03522376 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2015-05-29 20:58 - 2015-02-04 04:21 - 02558792 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2015-05-29 20:58 - 2015-02-04 04:21 - 00932040 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2015-05-29 20:58 - 2015-02-04 04:21 - 00384200 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2015-05-29 20:58 - 2015-02-04 04:21 - 00062792 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-05-29 20:58 - 2015-02-03 18:18 - 04229086 _____ C:\windows\system32\nvcoproc.bin
2015-05-29 20:57 - 2015-02-04 05:56 - 31515280 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 24198856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 22993224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 18634072 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 18634072 _____ (NVIDIA Corporation) C:\windows\system32\dlumdfb11.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 18634072 _____ (NVIDIA Corporation) C:\windows\system32\dlumdfb10.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 17559432 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 17559432 _____ (NVIDIA Corporation) C:\windows\system32\dlumdfb9.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 16128576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 16128576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\dlumdfb11.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 16128576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\dlumdfb10.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 15294280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 14497568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 14497568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\dlumdfb9.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 13916280 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 13828032 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 12894024 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys.old
2015-05-29 20:57 - 2015-02-04 05:56 - 11272240 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 11209192 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 04244680 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 03987600 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 02823992 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 01907400 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434144.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 01555656 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434144.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 00944328 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 00907464 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 00902344 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 00870032 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-05-29 20:57 - 2015-02-04 05:56 - 00026155 _____ C:\windows\system32\nvinfo.pb
2015-05-29 18:59 - 2015-05-29 18:59 - 00000000 ____D C:\Users\Buchu70\AppData\Local\TempTaskUpdateDetection08C962D0-9271-4138-B78B-42F70F401201
2015-05-29 18:40 - 2015-05-29 18:40 - 00000000 ____D C:\Users\Buchu70\AppData\Local\TempTaskUpdateDetection9DDF8EC6-C123-4061-A4C3-AC132A2F1D58
2015-05-29 17:42 - 2015-05-29 17:42 - 00000000 ____D C:\Users\Buchu70\AppData\Local\Toshiba Corporation
2015-05-29 16:19 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-29 16:19 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-29 16:17 - 2015-05-29 16:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-28 23:24 - 2015-05-28 23:24 - 00488208 _____ C:\windows\Minidump\052815-42229-01.dmp
2015-05-27 20:15 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-27 16:23 - 2015-05-27 16:23 - 00000000 __SHD C:\Users\Buchu70\AppData\Local\EmieUserList
2015-05-27 16:23 - 2015-05-27 16:23 - 00000000 __SHD C:\Users\Buchu70\AppData\Local\EmieSiteList
2015-05-27 16:23 - 2015-05-27 16:23 - 00000000 __SHD C:\Users\Buchu70\AppData\Local\EmieBrowserModeList
2015-05-24 20:12 - 2015-05-24 20:12 - 00000000 ____D C:\windows\CheckSur
2015-05-24 00:16 - 2015-05-24 00:16 - 00567432 _____ C:\windows\Minidump\052415-40045-01.dmp
2015-05-23 23:12 - 2015-05-23 23:12 - 00000000 ____D C:\Users\Buchu70\AppData\Local\TempTaskUpdateDetection936A5795-4F91-48D7-BBB7-522C18119EB5
2015-05-23 22:26 - 2015-05-23 22:26 - 00497352 _____ C:\windows\Minidump\052315-40154-01.dmp
2015-05-23 17:16 - 2015-05-23 17:16 - 00663000 _____ C:\windows\Minidump\052315-38469-01.dmp
2015-05-23 15:21 - 2015-05-23 15:21 - 00000000 ____D C:\Users\Buchu70\AppData\Local\TempTaskUpdateDetectionBFEBC0AF-03A9-4539-AFC4-735D26DA40A1
2015-05-23 14:50 - 2015-05-30 16:27 - 00000000 ___DC d:\Program Files (x86)\Mozilla Firefox
2015-05-23 11:34 - 2015-05-23 11:34 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-23 11:34 - 2015-05-23 11:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-23 11:34 - 2015-05-23 11:34 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-23 11:34 - 2015-05-23 11:34 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-23 11:34 - 2015-05-23 11:34 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2015-05-23 11:34 - 2015-05-23 11:34 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2015-05-23 11:34 - 2015-05-23 11:34 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-23 11:34 - 2015-05-23 11:34 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-23 11:34 - 2015-05-23 11:34 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
 
2015-05-23 11:34 - 2015-05-23 11:34 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2015-05-23 11:34 - 2015-05-23 11:34 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2015-05-23 11:34 - 2015-05-23 11:34 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2015-05-23 11:34 - 2015-05-23 11:34 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2015-05-23 11:34 - 2015-05-23 11:34 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-22 18:21 - 2015-05-23 14:35 - 00001239 _____ C:\Users\Buchu70\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-22 17:55 - 2015-05-23 11:36 - 00015576 _____ C:\windows\IE11_main.log
2015-05-22 15:06 - 2015-05-22 15:06 - 00000000 __SHD C:\found.003
2015-05-22 10:48 - 2015-05-29 16:17 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-20 16:20 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 22:03 - 2015-05-16 07:58 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1d08f9d5b66b195.job
2015-06-17 22:03 - 2013-09-17 23:23 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 21:27 - 2014-07-23 18:56 - 00000574 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-4005634597-1431848184-4208822118-1000.job
2015-06-17 20:45 - 2014-11-20 17:06 - 01372026 _____ C:\windows\WindowsUpdate.log
2015-06-17 20:42 - 2009-07-14 06:45 - 00015568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 20:42 - 2009-07-14 06:45 - 00015568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 20:41 - 2009-07-14 07:13 - 00005128 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-17 20:36 - 2013-07-08 23:20 - 00000000 ____D C:\Users\Buchu70\AppData\Roaming\BitTorrent
2015-06-17 20:35 - 2015-05-15 16:53 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d08f1ef41c1601.job
2015-06-17 20:35 - 2014-11-19 23:01 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-17 20:35 - 2013-09-17 23:23 - 00000896 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-17 20:34 - 2014-11-20 17:04 - 00053949 _____ C:\windows\setupact.log
2015-06-17 20:34 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-17 20:06 - 2014-12-20 23:54 - 00000000 ____D C:\Users\Buchu70\AppData\Local\Deployment
2015-06-17 01:25 - 2014-11-20 17:04 - 00702340 _____ C:\windows\PFRO.log
2015-06-17 01:25 - 2014-11-19 22:29 - 00000000 ___DC d:\Program Files (x86)\McAfee
2015-06-17 00:58 - 2013-07-08 23:39 - 00130757 ____H C:\Users\Buchu70\AppData\Roaming\TurboLaunch_IconCache.dat
2015-06-16 22:40 - 2014-12-13 02:26 - 00000000 ____D C:\Users\Buchu70\AppData\Local\Battle.net
2015-06-16 18:53 - 2014-10-06 19:03 - 00000000 ____D C:\Users\HomeGroupUser$
2015-06-16 18:53 - 2014-10-06 19:03 - 00000000 ____D C:\Users\Guest
2015-06-16 18:53 - 2014-10-06 19:03 - 00000000 ____D C:\Users\Administrator
2015-06-13 09:52 - 2014-07-23 18:56 - 00003608 _____ C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4005634597-1431848184-4208822118-1000
2015-06-12 23:08 - 2013-07-11 17:39 - 00000000 ____D C:\windows\Minidump
2015-06-12 01:19 - 2013-07-08 17:38 - 00000000 ____D C:\Users\Buchu70\AppData\Roaming\vlc
2015-06-10 18:06 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-06-10 17:40 - 2009-07-14 06:45 - 00473240 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-10 17:39 - 2015-04-15 17:14 - 00000000 ____D C:\windows\system32\appraiser
2015-06-10 17:39 - 2014-04-23 16:09 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-10 17:02 - 2013-07-12 12:51 - 00000000 ____D C:\windows\system32\MRT
2015-06-10 17:02 - 2013-07-07 23:58 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-09 17:07 - 2013-07-07 21:05 - 00000000 ____D C:\Users\Buchu70
2015-06-05 18:04 - 2015-05-15 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-01 23:20 - 2015-02-25 02:50 - 00000000 ___DC d:\Program Files (x86)\Battle.net
2015-06-01 15:53 - 2009-07-14 07:08 - 00032536 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-05-31 11:38 - 2013-07-07 22:59 - 00000000 ____D C:\Users\Buchu70\AppData\Local\Adobe
2015-05-30 16:27 - 2015-02-03 20:45 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-30 16:27 - 2013-04-15 23:12 - 00000000 ___DC d:\Program Files (x86)\Mozilla Maintenance Service
2015-05-29 22:35 - 2015-01-24 15:38 - 00009416 _____ C:\windows\DPINST.LOG
2015-05-29 22:35 - 2013-07-08 00:15 - 00000000 ___DC d:\Program Files\DisplayLink Core Software
2015-05-29 20:58 - 2013-07-11 16:27 - 00000000 ___DC d:\Program Files\NVIDIA Corporation
2015-05-29 20:58 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Help
2015-05-29 19:55 - 2015-01-18 13:13 - 00000000 ___DC d:\Program Files\Core Temp
2015-05-29 17:52 - 2013-07-07 21:22 - 00000000 ____D C:\Users\Buchu70\AppData\Roaming\Toshiba
2015-05-29 17:48 - 2009-12-15 06:09 - 00000000 ____D C:\windows\Downloaded Installations
2015-05-29 16:17 - 2013-05-08 18:31 - 00000000 ___DC d:\Program Files (x86)\Adobe
2015-05-29 16:16 - 2013-07-08 06:28 - 00000000 ____D C:\ProgramData\Adobe
2015-05-23 23:48 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2015-05-23 11:37 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-05-22 18:20 - 2009-12-15 21:39 - 00000000 ____D C:\windows\Panther
2015-05-22 18:04 - 2013-08-28 19:26 - 00000000 ____D C:\windows\pss
2015-05-19 22:42 - 2014-04-23 17:25 - 00000000 ___DC d:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2012-09-11 21:30 - 2012-09-11 21:30 - 0001030 ____C () d:\Program Files\autoplaylist.dat
2012-09-11 21:30 - 2012-09-11 21:30 - 0427405 ____C () d:\Program Files\calibrate.rv
2012-09-11 21:30 - 2012-09-11 21:30 - 2041072 ____C (Gracenote, Inc.) d:\Program Files\cddbcontrol.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0943344 ____C (Gracenote) d:\Program Files\cddblink.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 1115376 ____C (Gracenote) d:\Program Files\cddbmusicid.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0002851 ____C () d:\Program Files\cdroms.cfg
2012-09-11 21:30 - 2012-09-11 21:30 - 0000572 ____C () d:\Program Files\cinemasteraudio.4.3.manifest
2012-09-11 21:30 - 2012-09-11 21:30 - 0000716 ____C () d:\Program Files\cinemastervideo.4.3.manifest
2012-09-11 21:30 - 2012-09-11 21:30 - 0349336 ____C (RealNetworks, Inc.) d:\Program Files\convert.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0800297 ____C () d:\Program Files\converter.vs
2012-05-30 16:59 - 2012-05-30 16:59 - 0003409 ____C () d:\Program Files\COPYRIGHT
2012-09-11 21:30 - 2012-09-11 21:30 - 0719360 ____C (Microsoft Corporation) d:\Program Files\dbghelp.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0139264 ____C (Inner Media, Inc.) d:\Program Files\dunzip32.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0009728 ____C (RealNetworks, Inc.) d:\Program Files\fixrjb.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0001209 ____C () d:\Program Files\flvplay.swf
2012-09-11 21:30 - 2012-09-11 21:30 - 0027278 ____C () d:\Program Files\frw.bmp
2012-09-11 21:30 - 2012-09-11 21:30 - 0057762 ____C () d:\Program Files\howto.chm
2012-09-11 21:30 - 2012-09-11 21:30 - 0088064 ____C (RealNetworks, Inc.) d:\Program Files\hxaudiodevicehook.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0045056 ____C (RealNetworks, Inc.) d:\Program Files\ierjplug.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0000480 ____C () d:\Program Files\keys.dat
2012-05-30 16:59 - 2012-05-30 16:59 - 0000041 ____C () d:\Program Files\LICENSE
2012-09-11 21:30 - 2012-09-11 21:30 - 0390384 ____C (MainConcept GmbH) d:\Program Files\mc_enc_mp4v.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0045056 ____C (RealNetworks, Inc.) d:\Program Files\mmcdda32.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0937697 ____C () d:\Program Files\normal.vs
2012-09-11 21:30 - 2012-09-11 21:30 - 0028013 ____C () d:\Program Files\playrlic.html
2012-09-11 21:30 - 2012-09-11 21:30 - 0026774 ____C () d:\Program Files\playrlic.txt
2012-09-11 21:30 - 2012-09-11 21:30 - 0055043 ____C () d:\Program Files\presets.rnx
2012-09-11 21:30 - 2012-09-11 21:30 - 0116920 ____C (RealNetworks, Inc.) d:\Program Files\rdsf3260.dll
2012-05-30 16:59 - 2012-05-30 16:59 - 0000047 ____C () d:\Program Files\README.txt
2012-09-11 21:30 - 2012-09-11 21:30 - 0375448 ____C (RealNetworks, Inc.) d:\Program Files\realconverter.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0010240 ____C (RealNetworks, Inc.) d:\Program Files\realjbox.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0028013 ____C () d:\Program Files\RealNetworks License.html
2012-09-11 21:30 - 2012-09-11 21:30 - 0026774 ____C () d:\Program Files\RealNetworks License.txt
2012-09-11 21:30 - 2012-09-11 21:30 - 0040154 ____C () d:\Program Files\realplay.chm
2012-09-11 21:30 - 2012-09-11 21:30 - 0499352 ____C (RealNetworks, Inc.) d:\Program Files\realplay.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0129680 ____C (RealNetworks, Inc.) d:\Program Files\realshare.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0016296 ____C () d:\Program Files\realtfon.fon
2012-09-11 21:30 - 2012-09-11 21:30 - 0381080 ____C (RealNetworks, Inc.) d:\Program Files\realtrimmer.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0439504 ____C (RealNetworks, Inc.) d:\Program Files\recordingmanager.exe
2012-05-30 16:59 - 2012-05-30 16:59 - 0000451 ____C () d:\Program Files\release
2012-09-11 21:30 - 2012-09-11 21:30 - 0656896 ____C (RealNetworks, Inc.) d:\Program Files\rjbres.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0361984 ____C (RealNetworks, Inc.) d:\Program Files\rjdlg.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0034304 ____C (RealNetworks, Inc.) d:\Program Files\rjprog.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0072192 ____C (RealNetworks, Inc.) d:\Program Files\rjwmapln.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0029856 ____C (RealNetworks, Inc.) d:\Program Files\rndevicedbbuilder.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0046592 ____C (RealNetworks, Inc.) d:\Program Files\rpau3260.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0018104 ____C (RealNetworks, Inc.) d:\Program Files\rphelperapp.exe
2012-09-11 21:30 - 2012-09-11 21:30 - 0086528 ____C (RealNetworks, Inc.) d:\Program Files\rpplugprot.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0064696 ____C (RealNetworks, Inc.) d:\Program Files\rpshell.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0067584 ____C (RealNetworks, Inc.) d:\Program Files\rpwa3260.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0045405 ____C () d:\Program Files\sharemedia.vs
2012-09-11 21:30 - 2012-09-11 21:30 - 0061495 ____C () d:\Program Files\ssimages.vs
2012-09-11 21:30 - 2012-09-11 21:30 - 0000050 ____C () d:\Program Files\strs23.dat
2012-09-11 21:30 - 2012-09-11 21:30 - 0000013 ____C () d:\Program Files\strs26.dat
2012-09-11 21:30 - 2012-09-11 21:30 - 0000221 ____C () d:\Program Files\subscription.rnx
2012-05-30 16:59 - 2012-05-30 16:59 - 0175640 ____C () d:\Program Files\THIRDPARTYLICENSEREADME.txt
2012-09-11 21:30 - 2012-09-11 21:30 - 0023552 ____C (RealNetworks, Inc.) d:\Program Files\tnetdtct.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0048640 ____C (RealNetworks, Inc.) d:\Program Files\tpasdk.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0074240 ____C (RealNetworks, Inc.) d:\Program Files\tsasdk.dll
2012-09-11 21:30 - 2012-09-11 21:30 - 0017846 ____C () d:\Program Files\videotest.rm
2012-09-11 21:30 - 2012-09-11 21:30 - 0119808 ____C () d:\Program Files\waiting.avi
2012-05-30 16:59 - 2012-05-30 16:59 - 0000983 ____C () d:\Program Files\Welcome.html
2012-09-11 21:30 - 2012-09-11 21:30 - 0016896 ____C (RealNetworks, Inc.) d:\Program Files\wmdmhelper.dll
2013-07-29 23:43 - 2013-07-29 23:43 - 0000268 ___RH () C:\Users\Buchu70\AppData\Roaming\Internet Services
2013-07-29 23:44 - 2013-07-29 23:44 - 0000268 ___RH () C:\Users\Buchu70\AppData\Roaming\Iterate Items
2013-07-29 23:43 - 2013-07-29 23:43 - 0000268 ___RH () C:\Users\Buchu70\AppData\Roaming\Jazz
2013-07-29 23:43 - 2013-07-29 23:43 - 0000268 ___RH () C:\Users\Buchu70\AppData\Roaming\Light Machine
2014-08-22 23:41 - 2014-08-22 23:41 - 0000105 _____ () C:\Users\Buchu70\AppData\Roaming\mbam.context.scan
2013-07-15 17:53 - 2013-07-15 17:53 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-29 23:43 - 2013-07-29 23:43 - 0000268 ___RH () C:\ProgramData\Jingles
2013-07-29 23:44 - 2013-07-29 23:44 - 0000268 ___RH () C:\ProgramData\Kernel Extension
2013-07-29 23:43 - 2013-07-29 23:43 - 0000268 ___RH () C:\ProgramData\Keyboard Layouts
2014-03-09 23:45 - 2015-01-27 17:43 - 0000614 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-07-29 23:43 - 2013-07-29 23:43 - 0000268 ___RH () C:\ProgramData\MIDI Configurations
2013-07-29 23:43 - 2013-07-29 23:43 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-07-29 23:44 - 2013-07-29 23:44 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-07-29 23:43 - 2013-10-09 16:29 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-07-29 23:43 - 2013-07-29 23:43 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some files in TEMP:
====================
C:\Users\Buchu70\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Buchu70\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Buchu70\AppData\Local\Temp\mptev2hk.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-13 10:08

==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Buchu70 at 2015-06-17 22:10:48
Running from G:\Desktop Drives\_NEW FILES_
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4005634597-1431848184-4208822118-500 - Administrator - Disabled)
Buchu70 (S-1-5-21-4005634597-1431848184-4208822118-1000 - Administrator - Enabled) => C:\Users\Buchu70
Guest (S-1-5-21-4005634597-1431848184-4208822118-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4005634597-1431848184-4208822118-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Pro 7 (HKLM-x32\...\{FCDC1C23-C105-4DB0-9B7E-C88BED71491B}) (Version: 7.0.137 - ACD Systems International Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (Version: 8.100.26936 - Microsoft) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
Auslogics BoostSpeed 7 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 7.1.0.0 - Auslogics Labs Pty Ltd)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.01(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO) (Version: 4.126.0.62 - Conexant)
Curse Client (HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DFX (HKLM-x32\...\DFX) (Version: 11.300.0.0 - Power Technology)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
DisplayLink Core Software (HKLM\...\{65B2569D-303B-41EC-B38C-0934963BC3AD}) (Version: 7.7.60366.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{099F2D54-39A8-470C-A3DA-E2F123F5A6D7}) (Version: 7.7.60373.0 - DisplayLink Corp.)
Dolby Control Center (HKLM\...\{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}) (Version: 2.2.1 - Dolby)
DVD MovieFactory for TOSHIBA (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
DVD MovieFactory for TOSHIBA (x32 Version: 7.0.0 - Corel Corporation) Hidden
Epic Privacy Browser (HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\Epic) (Version: 40.0.2214.91 - Epic)
EPUB Converter 9.2.1 (HKLM-x32\...\{2AE773B8-7FA5-4D59-B4EC-D22B1CC2D2BC}) (Version: 9.2.1 - AniceSoft)
Geeks3D FurMark 1.15.2.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToMeeting 7.2.1.2856 (HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\...\GoToMeeting) (Version: 7.2.1.2856 - CitrixOnline)
HD Writer AE 1.5 (HKLM-x32\...\{96B361E4-A86E-4335-99FF-6C3604788DAB}) (Version: 1.05.024.1033 - Panasonic Corporation)
HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION)
HDMI Control Manager (Version: 2.0 - TOSHIBA CORPORATION) Hidden
HDMI Control Manager (x32 Version: 2.0 - TOSHIBA CORPORATION) Hidden
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
InterVideo WinDVD BD for TOSHIBA (HKLM-x32\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.153 - InterVideo Inc.)
InterVideo WinDVD BD for TOSHIBA (x32 Version: 8.0.20.153 - InterVideo Inc.) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java(TM) 6 Update 14 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
K-Lite Codec Pack 10.8.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.5 - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.1029 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.228 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
MSI Development Tools (x32 Version: 8.100.26898 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.12139 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{08D341E2-6FC3-4361-B18A-48E8AC004FEB}) (Version: 2.0.24.D - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 2.0.24.D - O2Micro International LTD.) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.7 - Nikon)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
SDK Debuggers (x32 Version: 8.100.26936 - Microsoft Corporation) Hidden
Silhouette Studio (HKLM-x32\...\{C7CF49EF-CDCA-4621-BE52-849291362D6C}) (Version: 2.4.0 - Aspex Research & Technology)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.7.3 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.0 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}) (Version: 1.5.05.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.07-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.1.12.64 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: - )
TOSHIBA Folder Migrating Utility (HKLM-x32\...\InstallShield_{51099A23-4C65-469C-A31B-835E163A4D27}) (Version: 1.0.3.4 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.02.01.00 - )
 
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.3 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.65 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.38 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.1.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}) (Version: 1.5.07.64 - TOSHIBA Corporation)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1.0 - TOSHIBA CORPORATION)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.14 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM-x32\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM-x32\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM-x32\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.02.01.00 - )
TOSHIBA USB Sleep and Charge Utility (HKLM-x32\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.3.4.0 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.34.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.10 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.3 - Toshiba)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.6.0 - Nikon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Doctor 2.7.8 (HKLM-x32\...\Windows Doctor 2.7.8_is1) (Version: - WindowsDoctor International LLC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WPT Redistributables (x32 Version: 8.100.26936 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26936 - Microsoft) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Buchu70\AppData\Local\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000_Classes\CLSID\{cc990feb-3e2f-4c68-9871-c56bf5605de4}\InprocServer32 -> C:\windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4005634597-1431848184-4208822118-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> c:\Program Files (x86)\Google\Update\1.3.25.5\psmachine_64.dll No File

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1233A9C3-2DC7-4AC5-BA58-F8810A99122D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => d:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {5121EED4-AD83-4092-9B2D-8F803D98B05C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => d:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {5AD0030B-28CA-4D89-8837-905A4A037F02} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f1ef41c1601 => d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {5E7EB3C6-C262-496D-91BB-7EB6BC04DC75} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => D:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {68CD4791-D8DF-4864-BD61-4CA87DFDBDAC} - System32\Tasks\G2MUpdateTask-S-1-5-21-4005634597-1431848184-4208822118-1000 => C:\Users\Buchu70\AppData\Local\Citrix\GoToMeeting\2856\g2mupdate.exe [2015-06-13] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {7BEE12D0-8BD7-4F95-BF7E-F86AC16CCB01} - System32\Tasks\G2MUploadTask-S-1-5-21-4005634597-1431848184-4208822118-1000 => C:\Users\Buchu70\AppData\Local\Citrix\GoToMeeting\2856\g2mupload.exe [2015-06-13] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {857CB708-F648-423F-B56B-A6707517EA0A} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f9d5b66b195 => d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {964B04B7-7E8B-4DCF-89C1-D8E24973A667} - System32\Tasks\Microsoft\Office\Office Automatic Updates => d:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {9B725FBA-9A71-4B0A-91E5-901E702E1EA5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {C2D1AB8E-9989-4A03-AB83-7565EE953D46} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => d:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {D6FDFD62-6F3F-4268-ADA5-5ECC59D62EC1} - System32\Tasks\GoogleUpdateTaskMachineCore => d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {DAC4A67C-3C79-40E5-BA08-05923C289170} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-10-28] (TOSHIBA CORPORATION)
Task: {DAF3C920-C0AF-4DC0-AEE0-EDAD2F692228} - System32\Tasks\{B67C01E7-8C3F-4F55-9FFC-CE130A63A0AD} => pcalua.exe -a "G:\Desktop Drives\_NEW FILES_\TCA0027600J_os2010160b_64.exe" -d "G:\Desktop Drives\_NEW FILES_"
Task: {E0634D2B-E91F-450E-A0DB-397647CDC459} - System32\Tasks\GoogleUpdateTaskMachineUA => d:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {EEE4F661-B7BB-41F4-817A-A6375D187C4F} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-4005634597-1431848184-4208822118-1000.job => C:\Users\Buchu70\AppData\Local\Citrix\GoToMeeting\2856\g2mupdate.exe
Task: C:\windows\Tasks\G2MUploadTask-S-1-5-21-4005634597-1431848184-4208822118-1000.job => C:\Users\Buchu70\AppData\Local\Citrix\GoToMeeting\2856\g2mupload.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => d:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d08f1ef41c1601.job => d:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => d:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d08f9d5b66b195.job => d:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-29 20:58 - 2015-02-04 04:21 - 00115400 ____C () d:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-23 17:25 - 2014-05-20 09:19 - 00105640 ____C () d:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-12 12:34 - 2014-08-12 12:34 - 00039056 ____C () D:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-03-13 19:15 - 2015-01-27 17:29 - 08898720 ____C () d:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-24 22:37 - 2014-09-24 22:37 - 01271768 _____ () C:\Program Files (x86)\DFX\DFX.exe
2014-09-24 22:47 - 2014-09-24 22:47 - 00130520 _____ () c:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2014-09-24 22:51 - 2014-09-24 22:51 - 00131544 _____ () c:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2014-09-24 23:10 - 2014-09-24 23:10 - 00048088 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2013-07-08 06:01 - 2009-10-02 22:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-03-13 19:15 - 2015-01-27 16:13 - 08898720 ____C () d:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-09-24 23:06 - 2014-09-24 23:06 - 00049112 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2015-06-09 22:04 - 2015-06-05 20:22 - 01281864 ____C () D:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 22:04 - 2015-06-05 20:22 - 00080712 ____C () D:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B946D9EE

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
 
==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4005634597-1431848184-4208822118-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Buchu70\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Buchu70^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CleanGeniusTray => "D:\Program Files (x86)\CleanGenius 3\CleanGeniusTray.exe" -startup
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => D:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: QuickTime Task => "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: TkBellExe => "c:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9D559B3A-1F40-4A1C-8D8E-565C6B44A3E2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{BB62495A-A824-453D-931E-96F1DD9C6DB0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4A959E09-694F-425F-8DC6-C74B762F07D4}] => (Allow) svchost.exe
FirewallRules: [{0C095F5B-C49D-4824-8B1B-1BC38154CA81}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{00A6BB8A-776C-4FBF-A24C-4EA7B79A22ED}] => (Allow) D:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E5696B52-15D1-4988-92A1-0D846B9FF0FB}] => (Allow) D:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2C3CE365-97C8-4792-BC23-43FC594B55C9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{14B78CED-9D20-4E95-BBDE-8E73CF6C0CA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B5052201-CDD1-4503-9888-CC88050E990F}] => (Allow) d:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{AF80FB40-8B61-4579-9007-0187A8DD1B4D}] => (Allow) d:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{C0B88403-1622-4B6E-855D-E2687980C39C}] => (Allow) D:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{04939746-7200-4F9D-9FA1-916198D2E4C2}] => (Allow) D:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe
FirewallRules: [{D3739630-E51F-4196-A129-CD8F3F1794DD}] => (Allow) D:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe
FirewallRules: [{3F336FA6-9015-49D7-B726-E71B75CDB250}] => (Allow) D:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe
FirewallRules: [{D94B7AB8-7FC6-4C30-A19D-DC62152B57F1}] => (Allow) D:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe
FirewallRules: [{B799589A-45C9-4B17-A288-60B708A082D4}] => (Allow) C:\Users\Buchu70\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B9E61CFF-39DE-4C8A-879B-9EA8AE6EF8F4}] => (Allow) C:\Users\Buchu70\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9E60254E-3DF0-4DB0-8724-85A6F24FD889}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{0987EE6A-28DA-4E1B-82C6-D938F7653939}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{0993B6D9-E1D5-4B11-BFA6-370F7F4215AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{4E309E18-3E18-42FC-BCC5-79322F263A7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{13EA80AF-4DDB-4F84-90BF-AE70FBAAF27B}] => (Allow) d:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{78C8C703-BF81-4A01-9D8B-4D27AD68BFB8}D:\program files (x86)\xbmc\xbmc.exe] => (Allow) D:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{5F3AB066-B6CD-4787-B2FC-1A8D51A13CBC}D:\program files (x86)\xbmc\xbmc.exe] => (Allow) D:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [{58824B64-DEA3-4F1A-8099-7B248B409E5E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{79A8E62A-0BE9-45E5-8702-4E518F771640}] => (Allow) c:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BE293C2A-344A-4628-AC99-65FFAE7A8D70}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{C5E15833-9914-4FE6-9814-0914836C4F30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{CAE454D5-0787-44A4-B8B2-788F02D7BC10}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{971452B4-C98D-42F1-AA4D-27AC96DE7D36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{67D1F504-22BB-463C-BF49-3FEA2A3A4B98}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{0A899080-F242-4CCD-B467-9D35FFA21F4A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{7E19B5E7-37B6-433F-A308-281990CE9B8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{C38E89B6-B43F-434A-A348-D003011A23C7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{EA5187C3-07D5-4A3C-A60A-320ED07278D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D1B2F396-17A7-42C6-B9F6-FC160C01D4F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{24CE895F-7307-4A94-93C6-8197721B53C1}] => (Allow) D:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{1C5255BD-B051-4814-9D63-6BCD1BDD6409}] => (Allow) D:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{804671B5-B756-4B5A-978F-5F21135C3F54}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{8151346F-152A-4E74-836C-03B5CAEE8706}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{6EC07277-2082-405F-9AEE-CB3D31DBCB5D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{0B749FEC-82BD-411D-81B4-9E43BF6F7D12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{2CA9A5EF-50ED-482C-8AEB-9AE618F35BE4}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7DB36313-7F23-4815-83DA-120362DEC8E7}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{51D9844A-72D6-4C0A-8595-4F0D9A0BB8DB}] => (Allow) C:\Users\Buchu70\AppData\Local\Apps\2.0\QTZXHO5A.7LK\H9MJG0JD.RHR\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{0069A84A-C4E0-4DC0-B68E-CC287F015ABA}] => (Allow) C:\Users\Buchu70\AppData\Local\Apps\2.0\QTZXHO5A.7LK\H9MJG0JD.RHR\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{ABB2CBC4-E408-4AAA-9E3E-5503BB804DA0}] => (Allow) d:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{3C32744F-25EF-45DC-89D5-7307F29234AF}] => (Allow) d:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{951C7BE3-34E7-4672-8484-8FB6AE3AA7A5}] => (Allow) D:\Program Files\iTunes\iTunes.exe
FirewallRules: [{AC43F351-816B-45BD-A46A-BAF5059542AE}] => (Allow) d:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E208900B-8F61-4222-9B43-A453DE02C8D0}] => (Allow) C:\Users\Buchu70\AppData\Roaming\McAfee\Supportability\MVTLogs\ProductDetection64.exe
FirewallRules: [{C3CD5187-0ED1-43AC-A55B-A8F30013B445}] => (Allow) C:\Users\Buchu70\AppData\Roaming\McAfee\Supportability\MVTLogs\ProductDetection64.exe
FirewallRules: [{0BC944E1-95AA-4909-AC11-E3F13E57D13C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2015 08:41:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (06/17/2015 08:41:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (06/17/2015 08:19:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (06/17/2015 08:19:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (06/17/2015 00:39:07 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/16/2015 07:07:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (06/16/2015 07:06:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (06/12/2015 00:08:03 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/12/2015 00:04:47 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/12/2015 00:04:37 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
 
System errors:
=============
Error: (06/17/2015 07:59:21 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068McNaiAnn{395633B1-EED9-4DFC-B67F-9788B51C9F06}

Error: (06/17/2015 07:58:58 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068McNaiAnn{C90134D2-4AE9-407A-919A-4A2EF09C6C51}

Error: (06/17/2015 07:58:58 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (06/17/2015 07:58:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/17/2015 07:58:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/17/2015 07:58:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/17/2015 07:58:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/17/2015 07:58:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/17/2015 07:58:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/17/2015 07:58:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office:
=========================
Error: (06/17/2015 08:41:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/17/2015 08:41:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (06/17/2015 08:19:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/17/2015 08:19:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (06/17/2015 00:39:07 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/16/2015 07:07:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (06/16/2015 07:06:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (06/12/2015 00:08:03 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/12/2015 00:04:47 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/12/2015 00:04:37 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 40%
Total physical RAM: 8180.48 MB
Available physical RAM: 4861.95 MB
Total Pagefile: 16359.17 MB
Available Pagefile: 12518.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (TI105417W0F) (Fixed) (Total:47.83 GB) (Free:5.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:465.76 GB) (Free:402.74 GB) NTFS
Drive e: (GParted-live) (CDROM) (Total:0.22 GB) (Free:0 GB) UDF
Drive g: (Toshiba 1TB) (Fixed) (Total:931.51 GB) (Free:715.58 GB) NTFS
Drive h: (My Passport) (Fixed) (Total:298.01 GB) (Free:166.94 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 59.6 GB) (Disk ID: F7ACEB5A)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=47.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.3 GB) - (Type=17)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 852094C6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 0997E8A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 298.1 GB) (Disk ID: 41FFC810)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0C)

==================== End of log ============================
 
Welcome aboard


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=============================

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

redtarget.gif
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.


(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
797
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back